Craig Thomler's professional blog - eGovernment and Gov 2.0 thoughts and speculations from an Australian perspective

Craig Thomler

I've worked in the online sector since 1995 in roles including founder, publisher, journalist, webmaster, marketer, channel manager, CIO, COO and visionary. I left the public sector in early 2012 to lead Delib Australia as Managing Director Australia and New Zealand. More...

Sunday, September 07, 2008

From my experience in government, both as a customer and as a public servant, I've discovered that when addressing emails from citizens, government agencies often treat email as surface mail rather than as a phone call.

This means that citizens who choose an electronic communications route can often expect response times measured in weeks or months, rather than in minutes or hours.

Personally I find this unacceptable.

In asking why this was the case I have been told that government cannot discriminate based on mode of contact. That we cannot respond faster to customers choosing to use email rather than surface mail - even though a wait of even a few minutes is considered unacceptable for phone calls.

I have also been told by some departments (by phone or via their websites) that they cannot respond by email at all. That to protect my privacy they must send messages via surface mail - that post is more secure, more convenient or more official - even if I am happy to accept the risks and choose to email them.

I saw a similar situation in the private sector five years ago. Companies were unsure whether to treat emails as a postal medium or a a telephonic one.

They did not have a clear understanding of how email worked technically and did not trust its reliability or security (compared to other mediums).

They did not have staff trained or processes in place to handle a high-speed written medium.

Fortunately, at least in the private sector, many organisations are now more mature in their understanding and application of email.

Treat email as a phone call, not as a letter

My solution to ensuring emailing customers get the right level of respect and service in both public and private organisations has remained the same - treat emails as phone calls.

Email is perceived by the community as a nearly instant form of communication, like the telephone or face-to-face.

None of us would let a phone ring for a month before answering it, so why subject customers choosing email to this?

Address security and privacy concerns in a positive manner

Email is often treated with suspicion by organisations, due to perceived security issues in how it is transmitted from place to place and the concern that it is easy to intercept.

However people have adopted email regardless of perceived risks due to its benefits - high speed and low cost with a fast response time. Today, throughout western countries, people send many times more emails, often of a personal nature, than they make phone calls.

Given that government organisations have a greater obligation to protect citizen information than do our customers themselves, how can this be addressed?

I have a three point plan I have successfully used in organisations (including my current agency) to begin to address these concerns.

Three steps to better customer service (by email)

Many organisations have a defacto email security policy, one that has grown from personal opinions, interpretations and often from misunderstandings about the medium rather than through an objective and formal risk assessment process.

This is easy to address - get the legal, technical and customer service people together in a room and assess the risks of each form of customer contact.

It is particularly important to assess relative risk, for example:

Are the security risks of email greater than for mail, fax, telephony or face-to-face?

Is postal mail guaranteed to be delivered?

Is it easier to steal letters from a mailbox than emails from a computer?

If people choose VOIP telephony, is this treated as email for security purposes?

Can different levels of privacy be enforced for different mediums/security levels?

Consider different scenarios, for example:

Are privacy considerations different when the customer initiates (email) communication (with personal information).

Can customers explicitly provide permission to receive responses (by email) for a set period (even if done by phone or signed fax/letter), accepting responsibility for security?

Consider organisational capability, for example:

Are staff adequately trained to respond to emails? Just because people are good on the phone doesn't mean they are good at writing emails! An appropriate etiquette level may have to be taught.

Is the organisation appropriately resourced to address emails in a timely fashion? International benchmarks indicate that optimally emails should be addressed in less than four hours, with two days the maximum timeframe people are prepared to wait for adequate service. Can your organisation achieve this - and if not, what mitigations does it put in place to communicate this to customers (who will email anyway!)

Assess customer expectations, for example:

What do customers expect in terms of privacy in email and other mediums?

Do they expect the same detail level in responses?

How fast a response do they expect?

Do they expect organisations to answer as much as they can can and then refer the customer to another channel?

Out of this it becomes possible to correctly understand the medium's characteristics, the real risks, what customers expect and then determine the mitigations which diminish, remove or defer any critical risks.

2. Change internal policies that do not reflect law

Often side-effect from not having conducted a formal risk assessment, internal email policies may not always reflect the current laws of the land (policy is often stricter).

Once a formal risk assessment has been conducted, you should review and rewrite internal policies on customer communications to reflect the risk assessment outcomes.

These policies should include details on when and how a customer can choose to accept the risks and take ownership of the security of the process.

If you find that there are no written policies, write them down and communicate them widely. They should include the background and 'myth-busters' as well as the code of (email) conduct.

3. Review laws to meet community expectations

Sometimes it's the actual laws themselves which are out-of-step with community sentiment and concerns.

Laws are living things, frequently being amended and adjusted to address new situations and changes in social norms.

Privacy and security laws are no different to other laws in this and require regular review to match citizen expectations - there is no 'right' level of privacy, it is dictated by public opinion.

As such, if your customer sentiment reflects a different view and acceptance of (email) security than do Australia's laws, feed this information back into the policy process.

Change is possible, and it will allow your organisation to provide better customer service as a result.

1 comment:

Hi Craig - excellent post. I had an experience when I wrote to the Prime Minister and the Minister for the Environment about my dismay at the rebate for solar panels being restricted to households who had a combined income of $100k. I sent the email on 15 May this year. I received a response dated 30 June 2008 by snail mail. Why it took them more than 6 weeks to respond is beyond me. Why they could not respond by email is beyond me. Why they could not even address the issues raised in my email and only provide political spin suggests they are not interested in addressing individual citizen's concerns. They are only interested in pushing their policies. I think it will take a long time before they actually start listening to citizens who take the time to email concerns. Such a shame but expected.

Legal DisclaimerThis is a personal blog. It is not officially endorsed by the Australian Government. The views expressed are those of the author or originators and do not necessarily reflect the views of the Australian Government or any other individuals or organisations.